We've spent the last few years modernizing clients, kicking them out of Active Directory and optimizing them to run outside the corporate network. The use of modern protocols, conditional access and the integration of MDE and Intune now enables us to access cloud services with access management that largely complies with the principles of zero trust.

However, when it comes to accessing legacy apps in the old data center world, we unfortunately all too often fall back on the old solutions - perhaps enhanced with some SAML and certificates - and features such as microsegmentation and session revocation are sought in vain.

In this session, I will discuss and demonstrate why Microsoft's SSE solution Global Secure Access is much closer to my understanding of Zero Trust Network Access. In addition to network and connectivity topics, I will show how Entra Private Access benefits from integration with Conditional Access, Entitlement Management and Defender/Sentinel in the classic network disciplines of Authentication, Authorization and Accounting.

As a security architect who used to deal intensively with networks and in recent years with identity, I am very much looking forward to a deep dive on the topics of DNS and Single SignOn when accessing the OnPrem environment with Private Access.

Prepare yourself for
* Trafficflow, connector groups and name resolution in multi-datacenter scenarios
* (Passwordless) SSO with Cloud Kerberos Trust
* Granular authorization assignment with self-service through access packages
* Policy design for segmentation through conditional access